Hiring for IT and cybersecurity roles doesn’t just involve looking at resumes, degrees, and past job titles. It also requires taking a closer look at candidates’ specific skills and certifications to see if their technical abilities align with the core functions of the job.
That’s where certifications are so important. Understanding the nuances of common certification programs allows for hiring teams to ensure they’re finding the right people to fill key roles, from highly technical positions to leadership roles liaising between business and tech and much more.
There are dozens of IT and cybersecurity certifications out there right now, many of which even have similar-sounding names. Here are a few of the most significant in today’s workforce.
Certified Information Security Manager (CISM): With technology changing so rapidly, companies are putting even more emphasis on information security and related data protocols. The CISM certification focuses on risk assessment, effective governance, and proactive methods to combat the possibility of data breaches, ransomware attacks, and other risks in today’s digital world.
Certified Information Systems Auditor (CISA): A global standard for mid-career IT professionals, the CISA certification focuses on those who audit and assess IT systems. The certification indicates experience and expertise in planning, conducting, and assessing audits, protecting information assets, and managing IT in relation to business.
Certified Information Systems Security Professional (CISSP): Along similar (but not identical) lines as a CISM certification, CISSP is a security-centric certification for professionals looking to advance their careers. CISSP-certified individuals learn to develop, implement, and manage top-of-class cybersecurity programs, making these professionals highly sought after for key leadership roles in cybersecurity.
AWS Certified Solutions Architect: Software engineers may pursue one of the two levels (Associate or Professional) of this certification. Focused on designing architecture on Amazon Web Services cloud, the certification requires experience working with AWS and specialized training. For the more advanced Professional certification, candidates also must demonstrate scripting language proficiency, understanding of how to integrate design with business goals, and advanced AWS knowledge. Mid-level roles may only require the next-lowest certification, the AWS Certified Solutions Associate.
CompTIA Certifications: There are multiple CompTIA certifications offered for IT professionals at different levels and on different tracks. The A+ certification is a popular and well-respected choice at a relatively entry-level, indicating that candidates have a strong ability to solve basic problems across IT areas. This usually serves as a base for further specialization down the line. The Security+ certification builds more security-focused skills (which can then later be further built on with certifications like CISM or CISSP), while a Network+ certification an interest in networking, cybersecurity, and cryptography, and a Cloud+ certification centers on securing cloud-based systems.
Cisco Certified Network Certifications: Network-specific but highly respected, the Associate and Professional levels of this certification are popular among IT and cybersecurity professionals focusing on networking issues like connectivity and access. The Professional level takes the associate-level skills and tests them further, including deeper knowledge of WANs, LANs, and other key network concepts.
Microsoft Certified certifications: Microsoft also offers quite a few certifications, particularly after their revamp of the certifications system in 2021. Now, they offer several certifications at “associate” and “expert” levels, including in their Azure cloud-based solutions, data, AI, and more. The current certifications are a little more specialized for particular career paths, making it clearer to hiring teams what areas the candidate has significant experience in.
GIAC Information Security Fundamentals (GISF): This certification is an entry-level introduction to key cybersecurity concepts. Lower-level roles are likely to pursue this certification as a foundation to later build on with more specialized experience and certifications, but other professionals whose roles intersect with information, system admins, and security may also benefit from this core knowledge.
By Daniel Midoneck
